Detecting Android malware phishing login interface based on SURF algorithm

doi:10.16511/j.cnki.qhdxxb.2016.23.009

Download: PDF(1925 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract A detection method was developed based on computer vision technology to deal with the malicious application that makes phishing attacks through faking the login interface of the target application. The method detects malicious applications containing phishing login interfaces by measuring the similarities between the current login interface and the target application login interface using the SURF algorithm. A prototype system was implemented on the Android platform to detect phishing login interfaces. The experimental results indicate that the proposed detection method can effectively identify phishing login interfaces.

Keywords phishing SURF algorithm Android

ZTFLH:

TP309.2

Issue Date: 15 January 2016

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	XU Qiang
	LIANG Bin
	YOU Wei
	SHI Wenchang

Cite this article:

XU Qiang,LIANG Bin,YOU Wei, et al. Detecting Android malware phishing login interface based on SURF algorithm[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(1): 77-82.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2016.23.009 OR http://jst.tsinghuajournals.com/EN/Y2016/V56/I1/77

[1] 中国互联网络信息中心. 2013年中国网民信息安全状况研究报告[Z/OL]. (2013-12-19). http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/mtbg/201312/P020131219359905417826.pdf.
[2] Wikipedia. Phishing[EB/OL]. [2014-06-10]. http://en.wikipedia.org/wiki/Phishing.
[3] Szeliski R. Computer: Algorithms and Applications [M]. Springer London Science, 2010.
[4] Lowe D G. Object recognition from local scale-invariant features [C]//Proceedings of the Seventh IEEE International Conference on Computer Vision. Kerkyra, Greece: IEEE, 1999, 2: 1150-1157.
[5] Lowe D G. Distinctive image features from scale-invariant key points [J]. International Journal of Computer Vision, 2004, 60: 91-110.
[6] Bay H, Ess A, Tuytelaars T, et al. SURF: Speeded up robust features [C]//9th European Conference on Computer Vision. Computer Vision-ECCV 2006. Graz, Austria: Springer Berlin Heidelberg, 2006: 404-417.
[7] Schmid M. A performance evaluation of local descriptors [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, 2005, 27(10): 1615-1630.
[8] 白延柱, 侯喜报. 基于SIFT算子的图像匹配算法研究 [J]. 北京理工大学学报, 2013, 33(6): 622-627.BAI Yanzhu, HOU Xibao. An improved image matching algorithm based on SIFT [J]. Transactions of Beijing Institute of Technology, 2013, 33(6): 622-627. (in Chinese)
[9] OpenCV. Feature Detection and Description [EB/OL]. [2014-06-12]. http://docs.opencv.org/modules/nonfree/doc/feature_detection.html.
[10] 王家林. 细说Android 4.0 NDK编程 [M]. 北京: 电子工业出版社, 2012.WANG Jialin. Elaborating Android 4.0 NDK Programming [M]. Beijing: Publishing House of Electronics Industry, 2012. (in Chinese)

[1]	XU Junfeng, WANG Jiajie, ZHU Kelei, ZHANG Puhan, MA Yufei. Credit index measurement method for Android application security based on AHP[J]. Journal of Tsinghua University(Science and Technology), 2018, 58(2): 131-136.
[2]	SHEN Ke, YE Xiaojun, LIU Xiaonan, LI Bin. Android App behavior-intent inference based on API usage analysis[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(11): 1139-1144.
[3]	HAN Xinhui, DING Yijing, WANG Dongqi, LI Tongxin, YE Zhiyuan. Android malicious AD threat analysis and detection techniques[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 468-477.
[4]	LI Zhoujun, WU Chunming, WANG Xiao. Assessment of Android application's risk behavior based on a sandbox system[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 453-460.
[5]	DONG Guowei, WANG Meilin, SHAO Shuai, ZHU Longhua. Android application security vulnerability analysis framework based on feature matching[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 461-467.